<!--/*SC*/DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"/*EC*/-->
<html><head><title></title><style type="text/css"><!-- body{padding:1ex;margin:0;font-family:sans-serif;font-size:small}a[href]{color:-moz-hyperlinktext!important;text-decoration:-moz-anchor-decoration}blockquote{margin:0;border-left:2px solid #144fae;padding-left:1em}blockquote blockquote{border-color:#006312}blockquote blockquote blockquote{border-color:#540000} --></style></head><body><div style="font-family: Arial; font-size: medium;" dir="ltr"><div>
</div>
<div class="defangedMessage">
<div id="me78108">
<div>
On Fri, 13 May 2011 06:08 +1000, "Paul Gear" <paul@libertysys.com.au> wrote:</div>
<blockquote class="me78108QuoteMessage" type="cite">
<div dir="ltr" style="background-color: #ffffff; ">
On 12/05/11 14:07, Ian Fleming wrote:
<blockquote defang_cite="mid:201105121407.51971.iflema@yahoo.com.au" type="cite">
...<br />
<pre defang_wrap="">
For Ubuntu linux-image-2.6.35-25-generic + covers what is mentioned in the
article.
Local exploit - meaning the attacker would need physical access to the
machine.
And there is not much to stop that... Encryption maybe?
</pre>
</blockquote>
<br />
A quick note about reading security notices: Generally when a security notice says that it has a local exploit, it does not mean that it requires physical access to the machine. It means that the exploit must originate from code running on the system itself. This is as opposed to a remote exploit, which can originate from another system, often by sending a specially crafted network packet, or putting data into a network stream that the receiving system does not sanitise appropriately.<br />
<br />
An example of a local exploit would be privilege escalation, where a program exploits a kernel flaw to raise it from ordinary user status to root status. Examples of remote exploits are buffer overruns, cross-site scripting vulnerabilities, etc. (I'm sure Wikipedia will have useful general summaries of these concepts if you care to search.)<br />
<br />
To answer the original poster's question: with nearly all vulnerabilities, the main thing ordinary end users can do that directly affects their system's security is keeping up-to-date with security patches (through update manager in the case of Ubuntu). Other general security best practices which are helpful in various instances are:<br />
<ul>
<li>
using good (long) passwords</li>
<li>
running a firewall</li>
<li>
filtering email through antivirus</li>
<li>
using web filtering proxies which block known malware sites</li>
<li>
having a good network design which limits access to only the required resources (both inbound & outbound)</li>
</ul>
<div>
Regards,<br />
Paul</div>
<div>
</div>
<div>
*****************</div>
<div>
</div>
<div>
Thanks folks,</div>
<div>
</div>
<div>
so in summary, if my 10.04 is up-to-date according to the Update Manager, then I can do online-banking etc as confidently with 10.04 as with any other currently supported version of Ubuntu, whatever the kernel number is, correct?</div>
<div>
</div>
<div>
I haven't been using a software firewall in Ubuntu before now. Apart from whatever role my modem/router plays in that regard, should I be installing and running a firewall from the Ubuntu repositories? If so, what should I use?</div>
<div>
</div>
<div>
How do Ubuntu users filter email through antivirus? Is there a widely used and recommended program in the Ubuntu repositories?</div>
<div>
</div>
<div>
I haven't been using a software firewall or an antivirus program since Ubuntu became the OS I use 95% of the time...<br />
</div>
<div>
Thanks very much,</div>
<div>
</div>
<div>
Dave</div>
<div>
</div>
<pre>
--
ubuntu-au mailing list
ubuntu-au@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-au
</pre>
<p>
Email had 1 attachment:</p>
<ul>
<li>
<code>paul.vcf</code><br />
1k (text/x-vcard)</li>
</ul>
</div>
</blockquote>
</div>
</div>
</div></body></html>